Security Awareness Training Reporting

Track Progress, Gauge Results, Plan Accordingly

Our detailed reporting capabilities deliver the robust fourth component in our Assess, Educate, Reinforce, Measure methodology. These capabilities allow you to track your employees’ interactions with our CyberStrength® and ThreatSim® assessments, and our interactive training modules.

Plan your security awareness training with confidence. Our exportable reports help you focus on the areas, topics, and best practices that will benefit you the most, enabling you to reduce security risks and improve decision-making across all levels of your organization.

Comprehensive Reporting for In-Depth Analysis 

Following is a list of the reports that are currently available for our assessment and training products (though we frequently add new reporting mechanisms). All reports can be exported, which allows you to easily share the results with interested parties, perform more detailed analysis, and evaluate results alongside other security events.

ASSESSMENT REPORTS

CyberStrength

Dynamic Reports

Our new, fuller-featured dynamic reporting functionality gives administrators more flexibility and additional insights into users’ interactions with CyberStrength assessments. You can easily filter data, compare campaigns, quickly add and remove measures, and more. Administrators can also download the data in CSV and Excel formats for data integration.

The following dynamic report is currently available in our platform:

  • Assessment Report – This report shows the overall status of your CyberStrength assignments, aggregating user data to identify the strengths and weaknesses in your users’ cybersecurity knowledge. Charts illustrate the top-scoring content areas as well as the highest scoring groups across all participants. Administrators can use dynamic and flexible filtering to to narrow in on the data that can help them identify knowledge gaps in your organization’s cybersecurity posture.

Classic Reports

Following a more traditional approach, our classic reports utilize bar charts and more elementary reporting techniques.

  • Risk Report – Each section of this report gives you the ability to drill down into detailed information about a range of assessment results, including scores by group, lowest overall score by group, most missed questions, and lowest scores by person. You can use this analysis to tailor your follow-up training efforts and focus on the most important topics in different areas of your organization.

ThreatSim Phishing Simulations

Dynamic Reports

Our new, fuller-featured dynamic reporting functionality gives administrators more flexibility and additional insights into users’ interactions with ThreatSim phishing assessments. You can easily filter data, compare assignments, quickly add and remove measures, and more. Administrators can also download the data in CSV and Excel formats for data integration.

The following dynamic reports are currently available in the ThreatSim Phishing Simulation tool:

  • Campaign Comparison – This report allows administrators to compare the performance of multiple simulated phishing campaigns. Key features include the following:
    • The ability to tailor the report to include specific campaigns, time ranges, and/or campaign types.
    • The opportunity to compare campaign performance levels to one another based on overall failure rates, and by individual events (views, clicks, attachment opens, and/or data submissions).
    • The option to export the report in .csv and .xls formats for additional analysis and sharing.
  • Campaign Details – With this report, administrators can aggregate the results of multiple campaigns and view the overall performance results together, as well as see how individuals performed in each campaign they received. Key features include the following:
    • The ability to tailor the report to include specific campaigns, time ranges, and/or campaign types.
    • A display of each user who was part of a campaign, and how many times each user viewed, clicked, opened an attachment, and/or submitted data.
    • The option to export the report in .csv and .xls formats for additional analysis and sharing.
  • PhishAlarm Usage Report – This report shows the information reported via the PhishAlarm button, including the email type, actions by end users, and time required to report potential phish. The information is displayed by first name, last name, email address; the time the email was sent; and the time the email was reported. With this information, you can determine which users reported which types of emails, and whether an end user successfully spotted a simulated or potential phishing email.
  • User Failure Summary – This report allows administrators to analyze their users’ interactions with simulated phishing attack campaigns. It can be used to analyze the causes of single failures as well as identify repeat offenders. Key features include the following:
    • Ability to tailor the report to include specific campaigns, time ranges, and/or campaign types.
    • Metrics around how many times users have fallen for simulated attacks (for example, 20 users who have failed two times, 40 who have failed three times, 7 users who have failed four times).
    • Opportunity to analyze failure rates by campaign type (drive-by/link, attachment, and data entry) and identify the campaigns with the highest failure rates.
    • Aggregation of results by user property. Any property that is assigned in the user database can be used in the report, and administrators have the flexibility to segment the data based on any of the assigned properties.
    • Charts and tables that display the campaign email templates that generated the most failures across campaigns.
    • If administrators have assigned users a department, office location, or manager as a custom property, they will be able to segment the results by the values of that property.
    • Two tabular views of the raw data: one that shows the performance of each user, the total number of campaigns the user fell for, the number of failures by campaign type, and each user’s custom properties; another that provides a view of the aggregated results.
    • The ability to export the tables in .csv and .xls formats for additional custom analysis.
    • The option to export the full report as a PDF file for sharing.
    • Any and all filters and added fields can be saved as bookmarks so they can be used again within the product without having to recreate them.
Classic Reports

Following a more traditional approach, our classic reports utilize bar charts and more elementary reporting techniques.

  • Recent Campaigns – This at-a-glance report provides a quick view into your organization’s short-term phishing performance via a graphical display of your campaigns and associated user activity. Information displayed in the report includes the following:
    • Click rate
    • Multiple clicks
    • Opened messages
    • No response
    • Users who reported the mock phish
    • Browser vulnerabilities
    • Compromised users (i.e., those who provided their credentials to a fake site)
    • Weak Network Egress data, which shows the users who clicked from non-enterprise networks or networks with permissive egress rules
    • Users who acknowledged viewing the Teachable Moment
  • All Campaigns – This reporting area gives administrators access to statistical details about each campaign and a variety of reports, including the following:
    • Campaign History – Provides statistical details about each campaign, including visibility into past, current, and pending campaigns.
    • Campaign Overview – In addition to campaign details, this report also displays relevant incident response data such as time-to-click, time-to-open, and time-to-report. 
    • Endpoints– Indicates the types of devices (desktop vs. mobile), operating systems, browsers, and browser versions that were used by employees who fell for a mock phishing email. Also reports on out-of-date and potentially vulnerable third-party plug-ins (via the optional Weak Network Egress feature).
    • Geographic Distribution – Displays worldwide mapping of user activity per campaign, which helps you identify anomalies in your data regions with high levels of susceptibility.
    • Users – Shows detailed and complete user activity, including clicks, opens, and reported phish. Also identifies out-of-date third-party browser plug-ins and detection of off-end points (via the optional Weak Network Egress feature).
  • PhishAlarm® Reported Emails – This report shows the information reported via the PhishAlarm button, including the email type (Wombat Simulated Phish, Wombat Training Email, or Potential Phish), actions by end users, and time required to report potential phish. The information is displayed by first name, last name, email address, the time the email was sent, and the time the email was reported.  With this information, now you can determine which users reported which types of emails, and whether an end user successfully spotted a simulated or potential phishing email.

ThreatSim Smishing Simulations

  • Campaign Report – This at-a-glance report shows who fell for the simulated attack, how many people viewed and clicked the mock smishing message, and additional data points.

ThreatSim USB Simulations

  • Campaign Report – Shows the number of USB devices that were accessed and the IP addresses of the users who fell for the simulated attack.
  • Responses per Device – Displays the number of unique responses per USB device planted in your location. You can use this data to determine which areas of your organization and which employees were more likely to pick up and use an untested/unauthorized USB drive.

 

TRAINING MODULE REPORTS

Dynamic Reports

Our new, fuller-featured dynamic reporting functionality gives administrators more flexibility and additional insights into users’ interactions with our interactive training modules. You can easily filter data, compare assignments, quickly add and remove measures, and more. Custom user properties uploaded by administrators are selectable within applicable reports (see descriptions below). Administrators can also download the data in CSV and Excel formats for data integration.

The following dynamic reports are currently available in our platform:

  • Assignment Comparison – Shows both a simple top-ten bar chart of assignments and a data table of assignments illustrating completion rates and other statistics. Administrators can filter the report to view multiple assignments by date, completion status, and/or users participating in the assignment.
  • Assignment User Details – A companion to the Assignment Comparison report, this report provides comprehensive user-level information for training assignments. Administrators can drill down to the user level and module level and view a number of data points, including a user’s module score percentage, time to complete the module, and total questions answered. Custom user properties are selectable within this report. There is also a chart view that shows the overall user progress against any assignments showing in the data set. 
  • Module Completion Summary – Tracks all end-user interactions with the training modules. Administrators can filter by module, date range, assignments, custom user properties, and a myriad of other criteria to find data on user participation in any Wombat module. (The dynamic report replaces the classic version of the Module Completion Summary.)
  • Module Performance – Shows the average score for each module, as well as the module score for each user. A chart view highlights the top 25 user scores. The report can be filtered by training module, date, assignment, and/or custom user property to allow you to find exactly the data you need to make an action plan for your users.
  • Most Missed – Alerts you to the topic areas users are having the most trouble with in our training modules. By highlighting weaknesses, you can more effectively focus your training efforts. The report can be filtered by module, date, and/or assignment to allow you to find exactly the data you need to make an action plan for your users.
  • Policy Acknowledgement – Offers a detailed view of learners who have responded to a policy acknowledgement statement that was added to a training module through our Training Jacket feature. Administrators can filter by module, date range, assignment name, policy acknowledgement response, and custom user property. Two chart views show the status of policy acknowledgment responses.
  • Training Leaderboard – Allows you to create and share refined, dashboard-like views of users’ training module performance. Administrators can quickly identify the top performers, completion progress, and best-performing departments. The report also includes an exportable table that ranks all users with a formula that uses completion time and module scores across any combination of training modules.

Classic Reports

Following a more traditional approach, our classic reports utilize bar charts and more elementary reporting techniques. The following classic reports are available in our platform:

  • Assignment Details – Shows the details of how each user is progressing within an assignment and includes each user who was assigned training. A pie chart displays the status of each user in an assignment, and a bar chart shows the completion rate of each module within the assignment.
  • Assignment Status – Gives a snapshot of 5 to 25 assignments, side-by-side, for selected dates. A bar chart and table display the perfect of users who have completed, are in progress on, or have not started and assignment. 
  • User Report Cards – Allows you to see all the activity of a single user, including scores for specific modules and a cumulative performance rating. This helps you identify users who need extra training as well as track improvement.

Request a Demo